Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/0142ef-3d67-4dcf-8049-48cdc3639c32/1/uhOsJcaa9z1ZP3iq-lBjS40-vcw.roa
File: uhOsJcaa9z1ZP3iq-lBjS40-vcw.roa (raw, json)
Hash identifier: dMXBsPomj7w1tPqSRN9cB5AQ2cx9smpsAtx8l9opfsM=
Subject key identifier: BA:13:AC:25:C6:9A:F7:3D:59:3F:78:AA:FA:50:63:4B:8D:3E:BD:CC
Certificate issuer: /CN=a44f7d87cfa927de84d104b326c86abbc62dd2fc
Certificate serial: 01880A1C5747150818AAC9544EB24F718D92
Authority key identifier: A4:4F:7D:87:CF:A9:27:DE:84:D1:04:B3:26:C8:6A:BB:C6:2D:D2:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pE99h8-pJ96E0QSzJshqu8Yt0vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/0142ef-3d67-4dcf-8049-48cdc3639c32/1/uhOsJcaa9z1ZP3iq-lBjS40-vcw.roa
Signing time: Thu 11 May 2023 09:20:09 +0000
ROA not before: Thu 11 May 2023 09:20:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42947
IP address blocks: 95.214.241.0/24 maxlen: 24
95.214.242.0/23 maxlen: 24
91.213.74.0/24 maxlen: 24
91.213.75.0/24 maxlen: 24
94.154.3.0/24 maxlen: 24
91.213.121.0/24 maxlen: 24
91.213.120.0/24 maxlen: 24
5.181.236.0/22 maxlen: 24
45.95.76.0/23 maxlen: 24
45.95.78.0/23 maxlen: 24
45.14.120.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:0a:1c:57:47:15:08:18:aa:c9:54:4e:b2:4f:71:8d:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a44f7d87cfa927de84d104b326c86abbc62dd2fc
Validity
Not Before: May 11 09:20:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ba13ac25c69af73d593f78aafa50634b8d3ebdcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:09:c2:e0:9a:7d:c9:82:81:54:28:4c:73:d4:
c2:4c:0b:2f:74:a7:5d:ba:9f:d1:0d:d8:9a:26:37:
96:aa:8c:f1:b3:d4:5a:2a:ff:ac:09:bd:fa:a3:39:
ff:b8:e5:a3:d2:55:f0:c0:8b:e5:23:24:7c:05:39:
d3:c9:55:e1:d6:da:cb:81:15:f9:4f:38:3b:6b:85:
cd:31:fc:42:fa:0e:5c:0e:5d:52:8e:c2:23:83:76:
11:ca:2f:4b:2a:24:53:29:2f:c0:df:32:0c:5c:c1:
e1:95:85:66:6f:1f:54:c7:66:a7:ab:45:99:b6:a9:
e3:b8:49:26:45:0a:be:ef:6b:e1:5c:3f:81:c0:a7:
2c:b4:29:6c:91:c0:47:4b:4f:71:8b:08:89:a2:79:
27:a5:5a:43:45:2a:d9:40:a9:5e:82:c6:cc:f6:b4:
30:f9:4d:ee:b8:27:af:a9:34:6f:91:d8:46:fd:07:
77:11:dd:c3:2e:08:1c:30:6d:84:e8:db:94:4f:44:
16:b6:ff:f4:c2:6b:b0:fa:b7:51:e5:bd:04:f7:bc:
cf:45:83:00:d7:f5:e7:c0:b3:d7:97:72:f7:23:ab:
ee:2f:66:d2:a7:dc:f0:05:ee:27:1c:45:53:7e:7e:
b9:1f:07:84:b4:d7:fa:6c:ec:14:97:38:71:02:30:
d5:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:13:AC:25:C6:9A:F7:3D:59:3F:78:AA:FA:50:63:4B:8D:3E:BD:CC
X509v3 Authority Key Identifier:
keyid:A4:4F:7D:87:CF:A9:27:DE:84:D1:04:B3:26:C8:6A:BB:C6:2D:D2:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pE99h8-pJ96E0QSzJshqu8Yt0vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/0142ef-3d67-4dcf-8049-48cdc3639c32/1/uhOsJcaa9z1ZP3iq-lBjS40-vcw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/0142ef-3d67-4dcf-8049-48cdc3639c32/1/pE99h8-pJ96E0QSzJshqu8Yt0vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.236.0/22
45.14.120.0/22
45.95.76.0/22
91.213.74.0/23
91.213.120.0/23
94.154.3.0/24
95.214.241.0-95.214.243.255
Signature Algorithm: sha256WithRSAEncryption
51:c5:8a:ac:3a:dd:de:91:ab:62:27:65:17:e8:65:af:38:f3:
93:9b:70:f9:59:0e:ec:c0:d9:5b:43:49:e4:93:bb:67:be:95:
04:bb:dc:63:93:98:a8:55:a4:4f:67:f7:67:8d:83:61:38:61:
95:95:70:37:67:4f:59:85:39:28:34:e5:a4:14:24:a5:9f:ce:
54:db:3c:90:b3:55:a9:34:6c:1e:8e:80:7e:ba:c7:2f:c4:08:
7b:e3:db:44:43:6e:b5:12:33:f4:48:95:05:fe:a2:87:20:dd:
64:58:12:fb:c7:1c:cf:01:d5:e0:7b:8f:8e:aa:ad:90:4a:88:
45:96:e5:5e:3d:4d:22:dd:49:4c:a0:92:5e:88:7e:42:35:ba:
fd:ce:95:d7:de:72:26:63:5f:b4:ba:0a:99:0e:79:64:e8:33:
b7:70:c3:c5:8e:88:c6:29:a3:16:ae:2a:21:d9:93:9d:e1:f4:
b2:84:7c:7f:a8:9a:8d:b2:40:2e:c8:09:b9:42:ea:b4:11:b1:
48:46:6d:9b:d3:e7:55:a1:40:f5:a3:ce:92:2e:53:e1:99:08:
9c:ab:27:76:50:c2:72:a6:ee:30:42:ad:54:81:b3:b8:cc:5d:
66:94:29:c5:41:ad:20:33:07:6d:3f:7e:b6:a0:d1:a9:33:00:
c1:02:a6:7b
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYgKHFdHFQgYqslUTrJPcY2SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0NGY3ZDg3Y2ZhOTI3ZGU4NGQxMDRiMzI2Yzg2YWJiYzYy
ZGQyZmMwHhcNMjMwNTExMDkyMDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTEzYWMyNWM2OWFmNzNkNTkzZjc4YWFmYTUwNjM0YjhkM2ViZGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoQnC4Jp9yYKBVChMc9TCTAsvdKdd
up/RDdiaJjeWqozxs9RaKv+sCb36ozn/uOWj0lXwwIvlIyR8BTnTyVXh1trLgRX5
Tzg7a4XNMfxC+g5cDl1SjsIjg3YRyi9LKiRTKS/A3zIMXMHhlYVmbx9Ux2anq0WZ
tqnjuEkmRQq+72vhXD+BwKcstClskcBHS09xiwiJonknpVpDRSrZQKlegsbM9rQw
+U3uuCevqTRvkdhG/Qd3Ed3DLggcMG2E6NuUT0QWtv/0wmuw+rdR5b0E97zPRYMA
1/XnwLPXl3L3I6vuL2bSp9zwBe4nHEVTfn65HweEtNf6bOwUlzhxAjDVtwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFLoTrCXGmvc9WT94qvpQY0uNPr3MMB8GA1UdIwQY
MBaAFKRPfYfPqSfehNEEsybIarvGLdL8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEU5OWg4LXBKOTZFMFFTekpzaHF1OFl0MHZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi8wMTQyZWYtM2Q2Ny00ZGNmLTgwNDkt
NDhjZGMzNjM5YzMyLzEvdWhPc0pjYWE5ejFaUDNpcS1sQmpTNDAtdmN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi8wMTQyZWYtM2Q2Ny00ZGNmLTgwNDktNDhjZGMzNjM5YzMy
LzEvcEU5OWg4LXBKOTZFMFFTekpzaHF1OFl0MHZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQCBbXsAwQC
LQ54AwQCLV9MAwQBW9VKAwQBW9V4AwQAXpoDMAwDBABf1vEDBAJf1vAwDQYJKoZI
hvcNAQELBQADggEBAFHFiqw63d6Rq2InZRfoZa8485ObcPlZDuzA2VtDSeSTu2e+
lQS73GOTmKhVpE9n92eNg2E4YZWVcDdnT1mFOSg05aQUJKWfzlTbPJCzVak0bB6O
gH66xy/ECHvj20RDbrUSM/RIlQX+oocg3WRYEvvHHM8B1eB7j46qrZBKiEWW5V49
TSLdSUygkl6IfkI1uv3OldfeciZjX7S6CpkOeWToM7dww8WOiMYpoxauKiHZk53h
9LKEfH+omo2yQC7ICblC6rQRsUhGbZvT51WhQPWjzpIuU+GZCJyrJ3ZQwnKm7jBC
rVSBs7jMXWaUKcVBrSAzB20/frag0akzAMECpns=
-----END CERTIFICATE-----
Generated at Sun Jun 8 04:04:16 2025 by rpki-client